Environment variables

These tables contain all the environment variables used by the System SSL application and read during the startup of the application.

Table 1. SSL-Specific environment variables
Environment variables Usage Valid values
GSK_3DES_KEYCHECK Specifies that each part of a Triple DES key is checked to be unique when in non-FIPS mode. Uniqueness check is always performed when in FIPS mode. A value of 0 or OFF specifies no key uniqueness check is performed.

A value of 1 or ON specifies a key uniqueness check is performed.

The default value is OFF.

GSK_AIA_CDP_PRIORITY Specifies the priority order that the AIA and the CDP extensions are checked for certificate revocation information. A value of 1 or ON indicates that the AIA extension is queried before examining the CDP extension. This means that any OCSP responders specified in the AIA extension or the OCSP responder specified in GSK_OCSP_URL is contacted before attempting to contact the HTTP servers specified in the URI values of the CDP extension.

A value of 0 or OFF indicates that the CDP extension is queried before examining the AIA extension. This means that the HTTP servers specified in the URI values of the CDP extension is contacted before attempting to contact the OCSP responders in the AIA extension or the OCSP responder specified in GSK_OCSP_URL.

The default value is ON.

GSK_CERT_DIAG_INFO Specifies the circumstances in which the gsk_cert_diagnostic_callback routine should be called. Start of changeA value of FAILURE specifies that the gsk_cert_diagnostic_callback routine will only be called if the certificate validation fails for the peer. This is the default.

A value of SUCCESS specifies that the gsk_cert_diagnostic_callback routine will only be called if the certificate validation is successful for the peer.

A value of BOTH specifies that the gsk_cert_diagnostic_callback routine will be called for both peer certificate validation successes and failures.

End of change
GSK_CERT_VALIDATE_KEYRING_ROOT Specifies how certificates in a SAF key ring are validated. A value of ON or 1 specifies that SAF key ring certificates must be validated to the root CA certificate.

Specify OFF or 0 if SAF key ring certificates are only validated to the trust anchor certificate. If a sole intermediate certificate is found in a SAF key ring and the next issuer is not found in the same SAF key ring, the intermediate certificate acts as a trust anchor and the certificate chain is considered complete. By default, SAF key ring certificates are only validated to the trust anchor certificate. This setting does not affect the validation of SSL key database file, PKCS #12 file, or PKCS #11 token certificates because these certificates are always validated to the root CA certificate. The default value is OFF.

GSK_CERT_VALIDATION_MODE Specifies which Internet standard is to be used for certificate validation.

A value of 2459 specifies certificate validation against RFC 2459 only. A value of 3280 specifies certificate validation against RFC 3280 only. A value of 5280 specifies certificate validation against RFC 5280 only. A value of ANY specifies certificate validation against RFC 2459 initially - if that fails, validate against RFC 3280 - if that fails, validate against RFC 5280. The default value is ANY.

If TLS V1.3 is negotiated for a secure connection, certificate validation is done according to RFC 5280 unless explicitly specified.

GSK_CLIENT_AUTH_NOCERT_ALERT Specifies whether the SSL server application accepts a connection from a client where client authentication is requested and the client fails to supply an X.509 certificate. A value of OFF or 0 allows connections with clients where client authentication is requested and the client fails to supply an X.509 certificate. A value of ON or 1 terminates connections with clients where client authentication is requested and the client fails to supply an X.509 certificate. The default value is OFF.
GSK_CLIENT_EPHEMERAL_DH_GROUP
_SIZE
Specifies the minimum Diffie-Hellman group size required by the client to be used by the server for an ephemeral Diffie-Hellman key exchange. A value of LEGACY specifies the Diffie-Hellman group size to be 1024 in non-FIPS mode and 2048 in FIPS mode. A value of 2048 specifies the Diffie-Hellman group size to be 2048. The default value is LEGACY.
GSK_CLIENT_ECURVE_LIST

Specifies the list of elliptic curves or supported groups that are supported by the client as a string consisting of 1 or more 4-character values in order of preference for use. For TLS V1.0, TLS V1.1, and TLS V1.2 protocols, this list is used by the client to guide the server as to which elliptic curves are preferred when using ECC-based cipher suites. For the TLS V1.3 protocol, this list is used by the client to guide the server as to which elliptic curves are preferred and guide group selection for encryption and decryption of handshake messages.

Only NIST recommended curves can be specified. To use Brainpool standard curves for an SSL environment or connection, set GSK_CLIENT_ECURVE_LIST to "" or use gsk_attribute_set_buffer() to re-initialize the GSK_CLIENT_ECURVE_LIST buffer to NULL.

See Table 5 for a list of valid 4-character elliptic curve and supported groups specifications.
The default specification is 00210023002400250019.

If TLS V1.3 is enabled, 0029 (x25519) is appended to the end of the default list.

Start of changeGSK_CLIENT_EXTENDED_MASTER_SECRETEnd of change Start of changeSpecifies if the TLS client sends the extended master secret extension to the server. This option is only applicable for TLS V1.0, TLS V1.1, and TLS V1.2 handshakes.End of change Start of changeA value of 0, OFF, or DISABLED specifies that the TLS client does not send the extended master secret extension to the server.

A value of 1, ON, or ENABLED specifies that the TLS client sends the extended master secret extension to the server but does not require the server to support the extension.

A value of REQUIRED specifies that the TLS client sends the extended master secret extension to the server and requires the server to support the extension. If a server does not send the extended master secret extension, the handshake fails. Before setting this option to REQUIRED, ensure that the server being communicated with supports the extended master secret extension. If the remote server partner is a z/OS System SSL application, it must be running z/OS V2R3 or later and have PTFs for APAR OA60105 (z/OS V2R3 and V2R4) applied and active before setting this option to REQUIRED.

The default value is ON.

End of change
GSK_CLIENT_TLS_KEY_SHARES Specifies the list of the key share groups that are supported by the client during a TLS V1.3 handshake. During a TLS V1.3 handshake, the client sends the key share groups that are in common and in the same order as the supported groups list (GSK_CLIENT_ECURVE_LIST). The server selects a group from the client’s preferred order and the ones that it supports. The client and server use the selected group to encrypt and decrypt TLS V1.3 handshake messages.
See Table 5 for a list of valid 4-character key share specifications.
There is no default value. This setting must be specified when enabled for TLS V1.3.
GSK_CRL_CACHE_ENTRY_MAXSIZE Specifies the maximum size in bytes of a CRL to be kept in the LDAP CRL cache. The valid cache entry sizes are 0 through 2147483647.

The default value is 0, which means there is no limit on the size of a CRL that is allowed to be stored in the LDAP CRL cache.

The size must be greater than or equal to 0.

GSK_CRL_CACHE_EXTENDED Specifies that LDAP extended CRL cache support is enabled.
Enabling extended support:
  • LDAP CRLs are only cached when there is an expiration time present and it is greater than the current time.
  • Limits the number of CRLs that can be stored in the LDAP cache to 32. This can be overridden by specifying GSK_CRL_CACHE_SIZE.
  • Disables caching of temporary CRLs. This can be enabled by specifying GSK_CRL_CACHE_TEMP_CRL.
  • Ignores GSK_CRL_CACHE_TIMEOUT.

When disabled, LDAP basic CRL caching can be used and retrieved LDAP CRLs are only cached when GSK_CRL_CACHE_TIMEOUT is greater than 0 and GSK_CRL_CACHE_SIZE is set to a non-zero number.

A value of ON or 1 enables LDAP extended CRL caching.

A value of OFF or 0 disables LDAP extended CRL caching.

The default value is OFF.

GSK_CRL_CACHE_SIZE Specifies the maximum number of CRLs that are allowed to be stored in the LDAP CRL cache. The valid cache sizes are -1 through 32000.

A value of -1 means unlimited while a value of 0 means caching is not enabled.

If LDAP extended CRL cache support is enabled, the default is 32 and caching only occurs if the CRL contains an expiration time that is later than the current time.

If LDAP basic CRL cache support is enabled, the default is unlimited or -1 and caching only occurs when GSK_CRL_CACHE_TIMEOUT is greater than 0.

GSK_CRL_CACHE_TEMP_CRL Specifies if a temporary LDAP CRL cache entry is added to the LDAP CRL cache when the CRL does not reside on the LDAP server. A value of ON or 1 indicates that a temporary LDAP CRL cache entry is added to the LDAP CRL cache.

A value of OFF or 0 indicates that a temporary LDAP CRL cache entry is not to be added to the LDAP CRL cache.

If LDAP extended CRL cache support is enabled, the default value is OFF.

If LDAP basic CRL cache support is enabled, the default value is ON.

GSK_CRL_CACHE_TEMP_CRL_TIMEOUT Specifies the time in hours that a temporary CRL cache entry resides in the LDAP extended CRL cache when caching of temporary CRLs is enabled.

A temporary LDAP CRL cache entry is added to the LDAP CRL cache when the CRL does not reside on the LDAP server.

The range is 1 through 720 hours and defaults to 24 hours.
GSK_CRL_CACHE_TIMEOUT

Specifies the number of hours that a cached LDAP CRL remains valid.

The valid timeout values are 0 through 720 and defaults to 24. A value of 0 disables the LDAP CRL cache.

GSK_CRL_SECURITY_LEVEL Specifies the level of security to be used when contacting LDAP servers to check CRLs for revoked certificates during certificate validation.

An attempt to contact the LDAP server is performed when the CRL is not found in the LDAP cache. To enforce contact with the LDAP server for each CRL being checked, CRL caching must be disabled.

For LDAP basic CRL caching, see the GSK_CRL_CACHE_TIMEOUT or GSK_CRL_CACHE_SIZE settings.

For LDAP extended CRL caching, see the GSK_CRL_CACHE_SIZE setting.

LOW - Certificate validation does not fail if the LDAP server cannot be contacted.

MEDIUM - Certificate validation requires the LDAP server to be contactable, but does not require a CRL to be defined. This is the default.

HIGH - Certificate validation requires revocation information to be provided by the LDAP server.

GSK_EXC_ABEND_DUMP

Specifies whether the SSL condition handler should call the cdump() service to dump the current thread before resuming the failing routine. The dump is placed in the current directory unless LE is instructed to use a different directory by the _CEE_DMPTARG environment variable. See z/OS Language Environment Programming Guide for more information about LE callable services.

A value of 1 enables SSL dumps and a value of 0 disables SSL dumps. The default is 0. The export file contains just the requested certificate when the DER format is selected.

GSK_EXTENDED_RENEGOTIATION_
INDICATOR
Specifies the level of enforcement of renegotiation indication as specified by RFC 5746 during the initial handshake.

A value of OPTIONAL does not require the renegotiation indicator during initial handshake. This is the default.

A value of CLIENT allows the client initial handshake to proceed only if the server indicates support for RFC 5746 Renegotiation.

A value of SERVER allows the server initial handshake to proceed only if the client indicates support for RFC 5746 Renegotiation.

A value of BOTH will allow the server and client initial handshakes to proceed only if partner indicates support for RFC 5746 Renegotiation.

GSK_HTTP_CDP_CACHE_ENTRY_MAXSIZE Specifies the maximum size in bytes of a CRL that is allowed to be stored in the HTTP CDP CRL cache. Any CRLs larger than this size are not cached. The valid sizes are 0 through 2147483647.

The default value is 0, which means there is no limit on the size of the CRL stored in the HTTP CDP CRL cache.

GSK_HTTP_CDP_CACHE_SIZE Specifies the maximum number of CRLs that are allowed to be stored in the HTTP CDP CRL cache. The valid sizes are 0 through 32000.

The default value is 32. If set to 0, HTTP CDP CRL caching is disabled.

GSK_HTTP_CDP_ENABLE Specifies if certificate revocation checking with the HTTP URI values in the CDP extension is enabled. A value of 0, OFF, or DISABLED indicates that certificate revocation checking with the HTTP URI values in the CDP extension is not enabled.

A value of 1, ON, or ENABLED indicates certificate revocation checking with the HTTP URI values in the CDP extension is enabled.

The default value is OFF.

GSK_HTTP_CDP_MAX_RESPONSE_SIZE Specifies the maximum size in bytes accepted as a response from an HTTP server when retrieving a CRL. Setting the maximum response size too small could implicitly disable HTTP CRL support. The valid sizes are 0 through 2147483647.

The default value is 204800 (200K).

A value of 0 disables checking the size and allows a CRL of any size.

GSK_HTTP_CDP_PROXY_SERVER_NAME Specifies the DNS name or IP address of the HTTP proxy server for HTTP CDP CRL retrieval. The default value is NULL.
GSK_HTTP_CDP_PROXY_SERVER_PORT Specifies the HTTP proxy server port for HTTP CDP CRL retrieval. Port must be between 1 and 65535. The default port value is 80.
GSK_HTTP_CDP_RESPONSE_TIMEOUT Specifies the time in seconds to wait for a response from the HTTP server. The valid time limits are 0 through 43200 seconds (12 hours).

The default value is 15 seconds and a value of 0 indicates that there is no time limit.

GSK_HW_CRYPTO

Specifies whether the hardware cryptographic support is used. Note that ICSF (Integrated Cryptographic Service Facility) must be configured and running in order for System SSL to use the hardware cryptographic support that is available in the cryptographic cards.

SHA-1, SHA-2, DES, Triple DES, and AES hardware functions can be used without ICSF if the zArchitecture message-security assist is installed.

For more information about hardware cryptographic support, see Using cryptographic features with System SSL.

Selected hardware cryptographic functions can be disabled by setting the appropriate bits to zero in the GSK_HW_CRYPTO value. The corresponding software algorithms are used when a hardware function is disabled. These bit assignments are defined:

  • 1 = SHA-1 digest generation
  • 2 = 56-bit DES encryption/decryption
  • 4 = 168-bit Triple DES encryption/decryption
  • 8 = Public key encryption/decryption
  • 16 = AES 128-bit encryption/decryption
  • 32 = SHA-256 digest generation
  • 64 = AES-256-bit encryption/decryption
  • 128 = SHA-224 digest generation
  • 256 = SHA-384 digest generation
  • 512 = SHA-512 digest generation
Note: If a hardware function bit is set on and the hardware function is unavailable, processing takes place in software.

A value of 0 disables the use of hardware support while a value of 65535 enables the use of hardware support. The default value is 65535 and only available hardware support is used.

GSK_KEY_LABEL

Specifies the label of the key that is used to authenticate the application.

Any key label. The default key is used if a key label is not specified.

GSK_KEYRING_FILE

Specifies the name of the key database file, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token. A key database or PKCS #12 file is used if the GSK_KEYRING_PW environment variable is also specified. A key database file is used if GSK_KEYRING_STASH environment variable is also specified. Otherwise, a SAF key ring or z/OS PKCS #11 token is used.

Note that certificate private keys are not available when using a SAF key ring owned by another user.

The user must have READ access to resource USER.tokenname in the CRYPTOZ class when using a z/OS PKCS #11 token.

The SAF key ring name is specified as userid/keyring. The current user ID is used if the user ID is omitted.

The z/OS PKCS #11 token name is specified as *TOKEN*/token-name.

If no certificate source is specified, defaults to NULL.

GSK_KEYRING_PW

Specifies the password for the key database or PKCS #12 file.

NULL or value consisting of up to 128 characters.

The default value is NULL

GSK_KEYRING_STASH

Specifies the name of the key database password stash file.

The stash file name always has an extension of .sth and the supplied name is changed if it does not have the correct extension. The GSK_KEYRING_PW environment variable is used instead of the GSK_KEYRING_STASH environment variable if it is also specified.

The default value is NULL.

GSK_LDAP_PASSWORD

Specifies the password to use when connecting to the LDAP server.

The default value is NULL.

GSK_LDAP_PORT

Specifies the LDAP server port.

Port must be between 1 and 65535. Port 389 is used if no LDAP server port is specified.

GSK_LDAP_RESPONSE_TIMEOUT Specifies the time in seconds to wait for a response from the LDAP server. The valid time limits are 0 through 43200 seconds (12 hours).

The default value is 15 seconds and a value of 0 indicates that there is no time limit.

GSK_LDAP_SERVER Specifies one or more blank-separated LDAP server host names. The LDAP server is used to obtain CA certificates when validating a certificate and the local database does not contain the required certificate. The local database must contain the required certificates if no LDAP server is specified. Even when an LDAP server is used, root CA certificates must be found in the local database since the LDAP server is not a trusted data source. The LDAP server is also used to obtain certificate revocation lists. Each host name can contain an optional port number that is separated from the host name by a colon.

The default value is NULL.

GSK_LDAP_USER Specifies the distinguished name to use when connecting to the LDAP server. The default value is NULL.
GSK_MAX_SOURCE_REV_EXT_LOC_VALUES Specifies the maximum number of location values that are contacted per data source when attempting validation of a certificate. The locations for revocation information are specified by the accessLocation in the AIA certificate extension for OCSP and the distributionPoint in the CDP extension for HTTP CRLs. When an HTTP URI is present in an AIA or CDP extension, validation attempts to contact the remote HTTP server to obtain revocation information. Both of these extensions can contain multiple location values and therefore have the potential to impact performance when there be a very large number of locations present. The valid values are 0 through 256.

The default value is 10 and a value of 0 indicates there is no limit on the number of locations contacted.

GSK_MAX_VALIDATION_REV_EXT _LOC_VALUES Specifies the maximum number of locations values that are contacted when performing validation of a certificate. The locations for revocation information are specified by the accessLocation in the AIA certificate extension for OCSP and the distributionPoint in the CDP extension for HTTP CRLs. When an HTTP URI is present in an AIA or CDP extension, validation attempts to contact the remote HTTP server to obtain revocation information. Both of these extensions can contain multiple location values and therefore has the potential to negatively impact performance when there be a very large number of locations present. The valid values are 0 through 1024.

The default value is 100 and a value of 0 indicates there is no limit on the number of locations contacted.

GSK_MIDDLEBOX_COMPAT_MODE Specifies if the TLS V1.3 handshake process ought to use or tolerate handshake messages in a manner compliant with earlier TLS protocols to alleviate possible issues with middleboxes or proxies. A value of 0, OFF, or DISABLED specifies that the TLS V1.3 handshake process should use the pure TLS V1.3 handshake message format.

A value of 1, ON, or ENABLED specifies if the TLS V1.3 handshake process should use or tolerate handshake messages in a manner compliant with earlier TLS protocols to alleviate possible issues with middleboxes or proxies.

The default value is OFF.

GSK_OCSP_CLIENT_CACHE_ENTRY _MAXSIZE Specifies the maximum number of OCSP responses or cached certificate statuses that are allowed to be kept in the OCSP response cache for an issuing CA certificate. The valid sizes are 0 through 32000.

The default value is 0 which indicates that there is no limit on the number of cached certificate statuses allowed for a specific issuing CA certificate other than the limit imposed by GSK_OCSP_CLIENT_CACHE _SIZE. This cache size is rounded up to the nearest multiple of 16 with a minimum size of 16.

GSK_OCSP_CLIENT_CACHE_SIZE Specifies the maximum number of OCSP responses or cached certificate statuses to be kept in the OCSP response cache. The valid cache sizes are 0 through 32000 and defaults to 256. The OCSP response cache is disabled if 0 is specified. The OCSP response cache is allocated using the requested size rounded up to the nearest multiple of 16 with a minimum size of 16.
GSK_OCSP_ENABLE Specifies whether the AIA extensions are to be used for revocation checking.

If GSK_OCSP_URL is specified, GSK_OCSP_ENABLE is set to ON and GSK_OCSP_URL_PRIORITY is set to ON, then the order the responders are used is GSK_OCSP_URL defined responder first and then the responders identified in the AIA extension.

If GSK_OCSP_URL is specified, GSK_OCSP_ENABLE is set to ON and GSK_OCSP_URL_PRIORITY is set to OFF, then the order that responders are used is the responders identified in the AIA extension first and then the GSK_OCSP_URL defined responder.

A value of 0, OFF, or DISABLED disables OCSP revocation checking via the AIA extension.

A value of 1, ON, or ENABLED enables OCSP revocation checking via the AIA extension.

The default value is OFF.

GSK_OCSP_MAX_RESPONSE_SIZE Specifies the maximum size in bytes that is accepted as a response from an OCSP responder. Setting the maximum response size too small could implicitly disable OCSP support. The valid response sizes are 0 through 2147483647.

The default value is 20480 (20K).

A value of 0 disables checking of the OCSP response size and allows an OCSP response of any size.

GSK_OCSP_NONCE_CHECK_ENABLE Specifies if OCSP response nonce checking is enabled. Nonce checking ensures the nonce in the OCSP response matches the nonce sent in the OCSP request.
Note: Setting to ON sets GSK_OCSP_NONCE_GENERATION _ENABLE to ON.
A value of 0, OFF, or DISABLED disables OCSP nonce checking.

A value of 1, ON, or ENABLED enables OCSP nonce checking.

The default value is OFF.

GSK_OCSP_NONCE_GENERATION_ENABLE Specifies if OCSP requests include a generated nonce. A value of 0, OFF, or DISABLED disables OCSP nonce generation.

A value of 1, ON, or ENABLED enables OCSP nonce generation.

The default value is OFF.

GSK_OCSP_NONCE_SIZE Specifies the size in bytes for the value of the nonce to be sent in OCSP requests. The valid OCSP nonce sizes are 8 through 256 and defaults to 8.
GSK_OCSP_PROXY_SERVER_NAME Specifies the DNS name or IP address of the OCSP proxy server. The default value is NULL.
GSK_OCSP_PROXY_SERVER_PORT Specifies the OCSP responder proxy server port. Port must be between 1 and 65535. The default port value is 80.
GSK_OCSP_REQUEST_SIGALG Specifies the hash and signature algorithm pair used to sign OCSP requests.

Only requests sent to the OCSP responder identified by GSK_OCSP_URL are signed and not the ones selected from a certificate AIA extension.

See Table 7 for a list of valid 4-character signature algorithm pair specifications.
Default is 0401 (RSA with SHA256).
GSK_OCSP_REQUEST_SIGKEYLABEL Specifies the label of the key used to sign OCSP requests.

Only requests sent to the OCSP responder identified by GSK_OCSP_URL are signed.

Any key label. OCSP requests are not signed if a key label is not specified.
GSK_OCSP_RESPONSE_SIGALG_PAIRS Specifies a preference ordered list of hash and signature algorithm pair specifications that are sent on the OCSP request and may be used by the OCSP responder to select an appropriate algorithm for signing the OCSP response. The string consists of one or more 4-character values in order of preference for use.

If specified, the OCSP response must be signed with one of these hash and signature algorithm pairs and if it is not, the OCSP response is rejected. It should be noted that not all OCSP responders support the preference ordered list and the OCSP response may be signed by a signature algorithm that was not specified. These signature algorithm pair specifications only have relevance when OCSP is enabled in the application.

See Table 7 for a list of valid 4-character signature algorithm pair specifications.
A value of NULL indicates that a preference ordered list is not sent to the OCSP responder.

The default value is NULL.

GSK_OCSP_RESPONSE_TIMEOUT Specifies the time in seconds to wait for a response from the OCSP responder server. The valid time limits are 0 through 43200 seconds (12 hours).

The default value is 15 seconds and a value of 0 indicates that there is no time limit.

GSK_OCSP_RETRIEVE_VIA_GET Specifies if the HTTP GET method should be used when sending an OCSP request. A value of 0 or OFF sends the OCSP request via the HTTP POST method.

A value of 1 or ON sends the OCSP request via the HTTP GET method when the total request size after Base64 encoding is less than 255 bytes.

The default value is OFF.

GSK_OCSP_URL Specifies the URI of an OCSP responder. The OCSP responder is used to obtain certificate revocation status during certificate validation. A certificate does not need an AIA extension if a responder URL is configured using this option.

If GSK_OCSP_URL is specified, GSK_OCSP_ENABLE is set to ON, and GSK_OCSP_URL_PRIORITY is set to ON, the order that responders are used is GSK_OCSP_URL defined responder first and then the responders identified in the AIA extension.

If GSK_OCSP_URL is specified, GSK_OCSP_ENABLE is set to ON, and GSK_OCSP_URL_PRIORITY is set to OFF, the order that responders are used is the responders identified in the AIA extension first and then the GSK_OCSP_URL defined responder.

The value must conform to the definition of an HTTP url:
http_URL = "http:" "//" host 
[ ":" port ] [ abs_path 
[ "?" query ]]
where host can be an IPv4 or IPv6 IP address, or a domain name.

The default value is NULL.

GSK_OCSP_URL_PRIORITY Specifies the priority order for contacting OCSP responder locations if both GSK_OCSP_URL and GSK_OCSP_ENABLE are active. A value of 1 or ON indicates that the order that responders are used is the GSK_OCSP_URL defined responder first and then the responders identified in the AIA extension.

A value of 0 or OFF indicates that the order that responders are used is the responders identified in the AIA extension first and then the GSK_OCSP_URL defined responder.

The default value is ON.

GSK_PEER_CERT_MIN_VERSION Specifies that certificate validation should ensure that the partner's end-entity certificate is a minimum X.509 version.

This setting is ignored during a TLS V1.3 handshake as TLS V1.3 requires a minimum X.509 certificate version of 3.

A value of 3 specifies that the partner’s end-entity certificate must be an X.509 version 3.

A value of ANY specifies that the partner’s end entity certificate can be any supported System SSL X.509 version.

The default value is ANY.

GSK_PEER_DH_MIN_KEY_SIZE Specifies the minimum allowed X.509 certificate Diffie-Hellman key size for a peer end-entity certificate. Valid values are 0 through 2048.

The default value in non-FIPS mode is 1024. The default value in FIPS mode is 2048.

GSK_PEER_DSA_MIN_KEY_SIZE Specifies the minimum allowed X.509 certificate DSA key size for a peer end-entity certificate. Valid values are 0 through 2048.

The default value in non-FIPS mode and FIPS mode is 1024.

GSK_PEER_ECC_MIN_KEY_SIZE Specifies the minimum allowed X.509 certificate Elliptic Curve key size for a peer end-entity certificate. Valid values are 0 through 521.

The default value in non-FIPS mode and FIPS mode ON or LEVEL 1 is 192.

GSK_PEER_RSA_MIN_KEY_SIZE Specifies the minimum allowed X.509 certificate RSA key size for a peer end-entity certificate. Valid values are 0 through 4096.

The default value in non-FIPS mode and FIPS mode ON or LEVEL 1 is 1024.

GSK_PROTOCOL_SSLV2

Specifies whether the SSL V2 protocol is supported. The SSL V2 and SSL V3 protocols should be disabled whenever possible because the TLS V1.0, TLS V1.1, TLS V1.2, and TLS V1.3 protocols provide significant security enhancements. This variable has no effect when operating in FIPS mode.

A value of 0, OFF or DISABLED disables the SSL V2 protocol while a value of 1, ON or ENABLED enables the SSL V2 protocol. The default value is OFF.

GSK_PROTOCOL_SSLV3

Specifies whether the SSL V3 protocol is supported. The SSL V2 and SSL V3 protocols should be disabled whenever possible because the TLS V1.0, TLS V1.1, TLS V1.2, and TLS V1.3 protocols provide significant security enhancements. This variable has no effect when operating in FIPS mode.

A value of 0, OFF or DISABLED disables the SSL V3 protocol while a value of 1, ON or ENABLED enables the SSL V3 protocol. The default value is OFF.

GSK_PROTOCOL_TLSV1

Specifies whether the TLS V1.0 protocol is supported.

A value of 0, OFF or DISABLED disables the TLS V1.0 protocol while a value of 1, ON or ENABLED enables the TLS V1.0 protocol. The default value is ON.

GSK_PROTOCOL_TLSV1_1

Specifies whether the TLS V1.1 protocol is supported.

A value of 0, OFF or DISABLED disables the TLS V1.1 protocol while a value of 1, ON or ENABLED enables the TLS V1.1 protocol. The default value is OFF.

GSK_PROTOCOL_TLSV1_2 Specifies whether the TLS V1.2 protocol is supported. A value of 0, OFF or DISABLED disables the TLS V1.2 protocol. A value of 1, ON or ENABLED enables the TLS V1.2 protocol. The default value is OFF.
GSK_PROTOCOL_TLSV1_3 Specifies whether the TLS V1.3 protocol is supported.
Note: The TLS V1.3 protocol is not currently supported in FIPS mode. If an attempt is made to enable this protocol while running in FIPS mode, an error is returned during environment initialization.
A value of 0, OFF, or DISABLED disables the TLS V1.3 protocol. A value of 1, ON, or ENABLED enables the TLS V1.3 protocol. The default value is OFF.
GSK_RENEGOTIATION Specifies the type of session renegotiation allowed for an SSL environment.

A value of NONE disables SSL V3 and TLS handshake renegotiation as a server and allow RFC 5746 renegotiation. This is the default.

A value of DISABLED disables SSL V3 and TLS handshake renegotiation as a server and also disable RFC 5746 renegotiation.

A value of ALL allows SSL V3 and TLS handshake renegotiation as a server while also allowing RFC 5746 renegotiation.

A value of ABBREVIATED allows SSL V3 and TLS abbreviated handshake renegotiation as a server for resuming the current session only, while disabling SSL V3 and TLS full handshake renegotiation as a server. With this value specified, the System SSL session ID cache is not checked when resuming the current session. RFC 5746 renegotiation is allowed if this value is specified.

GSK_RENEGOTIATION_PEER_CERT_ CHECK Specifies if the peer certificate is allowed to change during renegotiation.

A value of OFF or 0 does not perform an identity check against the peer's certificate during renegotiation. This allows the peer certificate to change during renegotiation. This is the default.

A value of ON or 1 performs a comparison against the peer's certificate to ensure that certificate does not change during renegotiation.

GSK_REVOCATION_SECURITY_LEVEL Specifies the level of security to be used when contacting an OCSP responder or an HTTP server specified in a URI value of the CDP extension.

An attempt to contact either an OCSP responder or HTTP server is performed when revocation information is not found in cache. To enforce contact with either the OCSP responder or HTTP server for each validation, caching must be disabled.

For OCSP caching, see GSK_OCSP_CLIENT_CACHE_SIZE.

For HTTP CRL caching, see GSK_HTTP_CDP_CACHE_SIZE.

A value of LOW indicates that certificate validation does not fail if the OCSP responder or HTTP server specified in the URI value of the CDP extension cannot be contacted.

A value of MEDIUM requires the OCSP responder or the HTTP server in a URI value in the CDP extension to be contactable. For an OCSP responder, it must be able to provide a valid certificate revocation status. If the certificate status is revoked or unknown, certificate validation fails. For an HTTP server in a CDP extension, it must be contactable and able to provide an CRL.

A value of HIGH requires revocation information to be provided by the OCSP responder or HTTP server. If OCSP revocation checking with the AIA extension is enabled, there must be HTTP URI values present in the certificate that are able to be contactable and able to provide a valid certificate revocation status. If HTTP CRL checking is enabled, there must be HTTP URI values in the CDP extension that are able to be contactable and able to provide a CRL.

The default value is MEDIUM.

GSK_RNG_ALLOW_ZERO_BYTES

Specifies whether the SSL random number generator, gsk_generate_random_bytes includes bytes with a zero value in the random byte output stream, or remove them.

The GSK_RNG_ALLOW_ZERO_BYTES environment variable is processed during System SSL initialization and is not checked afterward.

A value of TRUE, ON or 1 sets the random number generator to retain bytes with a zero value in the output stream. A value of FALSE, OFF or 0 results in bytes with a zero value being removed. The default setting is TRUE.

GSK_SERVER_EPHEMERAL_DH_GROUP
_SIZE
Specifies the minimum Diffie-Hellman group size to be used by the server for an ephemeral Diffie-Hellman key exchange. A value of LEGACY specifies the Diffie-Hellman group size to be 1024 in non-FIPS mode and 2048 in FIPS mode.

A value of 2048 specifies the Diffie-Hellman group size to be 2048.

A value of MATCH specifies the Diffie-Hellman group size to be determined by the strength of the server's certificate. If the key being matched is less than or equal to key size 1024, group size 1024 is used. If the key size is greater than 1024, group size 2048 is used.

The default value is LEGACY.

Start of changeGSK_SERVER_EXTENDED_MASTER_SECRETEnd of change Start of changeSpecifies if the TLS server supports negotiating the extended master secret extension from clients. This option is only applicable for TLS V1.0, TLS V1.1, and TLS V1.2 handshakes.End of change Start of changeA value of 0, OFF, or DISABLED specifies that the TLS server does not support negotiating the extended master secret extension from clients.

A value of 1, ON, or ENABLED specifies that the TLS server supports negotiating the extended master secret extension from clients, but does not require the extension.

A value of REQUIRED specifies that the TLS server requires negotiating the extended master secret extension from clients. If a client does not send the extended master secret extension, the handshake fails. Before setting this option to REQUIRED, ensure that all clients communicating with this server support the extended master secret extension. If the remote client partner is a z/OS System SSL application, it must be running z/OS V2R3 or later and have PTFs for APAR OA60105 (z/OS V2R3 and V2R4) applied and active before setting this option to REQUIRED. If the server is enabled for sysplex session ID caching (GSK_SYSPLEX_SIDCACHE is set to ON), all systems must be running z/OS V2R3 or later and any z/OS V2R3 or z/OS V2R4 systems must have the PTFs for APAR OA60105 applied and active before setting this option to REQUIRED for maximum compatibility.

The default value is ON.

End of change
GSK_SERVER_FALLBACK_SCSV Specifies if the server accepts the TLS fallback Signaling Cipher Suite Value (SCSV) when the client's cipher list includes it during an SSL or TLS handshake. The SCSV indicates to the server that the client is attempting to fallback to an earlier TLS or SSL protocol version after a previous handshake attempt failed. A value of ON or 1 indicates that the server supports the TLS fallback Signaling Cipher Suite Value (SCSV) when included in the client's supported cipher list during an SSL or TLS handshake. If the SCSV is present in the client's supported list and the TLS or SSL protocol level specified by the client during the handshake is less than the highest TLS or SSL protocol level supported by the server, the SSL or TLS handshake attempt fails.

A value of OFF or 0 indicates that the server ignores the SCSV when included in the client's supported cipher list during an SSL or TLS handshake. This is the default setting.

GSK_SERVER_KEY_LABEL_LIST Specifies 1 to 8 labels that are used to authenticate the server application in order of preference. Multiple labels are delimited by a comma or a blank space.

If a comma or a blank space appears in the label name, a backslash (\) character must be used as an escape character.

The maximum length of a label name is 127 characters not including the use of an escape character.

The maximum number of label names allowed is 8.

If GSK_KEY_LABEL is specified along with GSK_SERVER_KEY_LABEL_LIST, GSK_KEY_LABEL is used when an SSL V2 secure connection is being established. Otherwise, GSK_KEY_LABEL is ignored.

The default value is NULL.

GSK_SERVER_OCSP_STAPLING Specifies if the server supports the retrieval of the OCSP responses for the server's end entity certificate or the server's certificate chain if the client specifies support for the OCSP responses in the TLS handshake. The client indicates support for the retrieval of the OCSP responses by including the Certificate Status Request or the Multiple Certificate Status Request TLS extensions in a TLS handshake message. The OCSP responses are retrieved by the server and are sent to the client as part of the TLS handshake. The client can then parse the OCSP responses to determine the revocation status of the server's end entity certificate or the server's certificate chain. The inclusion of the OCSP responses in a TLS handshake message is commonly referred to as OCSP stapling.

The GSK_OCSP_URL or the GSK_OCSP_ENABLE settings must be specified prior to initializing the TLS environment. These settings are required in order to contact the desired OCSP responders to retrieve the OCSP responses for the server's certificates.

Notes:
  • When OCSP stapling is enabled, additional processing time will be required by the server to contact the OCSP responder to retrieve the OCSP responses.
  • See Enabling OCSP server stapling for information about the OCSP related options that are ignored or allowed when OCSP stapling is enabled.
A value of ENDENTITY indicates that the server will contact the configured OCSP responders to retrieve the OCSP response for the server's end entity certificate.

A value of ANY indicates that the server will contact the configured OCSP responders to retrieve the OCSP responses for the server's end entity certificate or the server's certificate chain. If the negotiated handshake protocol is TLS V1.2 and earlier, the OCSP responses that are retrieved by the server and sent to the client depend on the Certificate Status Request and the Multiple Certificate Status Request extensions being present in the TLS handshake message from the client. If both extensions are specified by the client in a TLS V1.2 and earlier handshake, the Multiple Certificate Status Request extension takes precedence. If the negotiated handshake protocol is TLS V1.3, the Multiple Certificate Status Request extension is not supported and the Certificate Status Request extension allows for the retrieval of the OCSP response for only the server’s end entity certificate.

A value of OFF indicates that the server is not enabled for contacting the configured OCSP responders to retrieve the OCSP responses for the server's end entity certificate or the server's certificate chain.

The default value is OFF.

GSK_SERVER_TLS_KEY_SHARES Specifies the list of the key share groups that are supported by the server during a TLS V1.3 handshake. During a TLS V1.3 handshake, the server uses the client’s preferred key share group order and selects a group that is in common with this list. The client and server use the selected group to encrypt and decrypt TLS V1.3 handshake messages.
See Table 3 for a list of valid 4-character key share specifications.
There is no default value. This setting must be specified when enabled for TLS V1.3.
GSK_SESSION_TICKET_CLIENT_ENABLE Specifies if the client supports caching session tickets received from a server after a TLS V1.3 handshake has completed and supports TLS V1.3 resumption attempts to the server.

The GSK_V3_SESSION_TIMEOUT and GSK_V3_SIDCACHE_SIZE settings also must be set to values greater than 0 to allow client session ticket caching.

A value of 0, OFF, or DISABLED disables client caching of session tickets received from a server after a TLS V1.3 handshake has completed and does not support TLS V1.3 resumption attempts to the server.

A value of 1, ON, or ENABLED enables client caching of session tickets received from a server after a TLS V1.3 handshake has completed and supports TLS V1.3 resumption attempts to the server.

The default value is ON.

GSK_SESSION_TICKET_CLIENT_MAXSIZE Specifies the maximum size in bytes of a session ticket that can be stored in the client session ticket cache. Setting the maximum session ticket size too small could implicitly disable session ticket caching on the client side. The valid sizes are 0 through 2147483647. The default size is 8192 (8K).

A value of 0 disables checking the session ticket size and allows a session ticket of any size.

GSK_SESSION_TICKET_SERVER_ALGORITHM Specifies the algorithm to be used by the server to encrypt and decrypt the session tickets used for TLS V1.3 session resumption. Valid values are AESCBC128 and AESCBC256.

The default value is AESCBC128.

GSK_SESSION_TICKET_SERVER_COUNT Specifies the number of session tickets that will be sent by the server after the initial TLS V1.3 handshake has completed. Each subsequent resumed TLS V1.3 handshake will also send a single session ticket to replace the one used for resumption. Valid values are 0 through 16.

The default value is 2.

GSK_SESSION_TICKET_SERVER_ENABLE Specifies if the server supports sending session tickets after a TLS V1.3 handshake has completed and if it will accept resumption attempts from the client. A value of 0, OFF, or DISABLED disables TLS V1.3 server session resumption. A value of 1, ON, or ENABLED enables TLS V1.3 server session resumption.

The default value is ON.

GSK_SESSION_TICKET_SERVER_KEY_REFRESH Specifies the key refresh interval in seconds of the encryption key used by the server to encrypt session tickets. In order to encrypt and decrypt session tickets, GSK_SESSION_TICKET_SERVER _ENABLE must be ON and the server must be configured to send session tickets, either via GSK_SESSION_TICKET_SERVER _COUNT or via the GSK_SEND_SESSION_TICKET option in gsk_secure_socket_misc().

When the encryption key is refreshed and a new primary encryption key is generated, the former encryption key is retained as a secondary key that can be used only for decryption until the subsequent refresh occurs. When the ticket is decrypted, the server only accepts the ticket if the GSK_SESSION_TICKET_SERVER _TIMEOUT has not yet passed.

Valid values are 0 through 604800.

The default value is 300.

A value of 0 disables session ticket encryption key refresh.

GSK_SESSION_TICKET_SERVER_TIMEOUT Specifies the maximum time that a server accepts a TLS V1.3 session resumption request from the client measured in seconds from the initial handshake. The server will continue to generate new session tickets for each new resumed handshake until the timeout has been reached, provided GSK_SESSION_TICKET_SERVER _COUNT is greater than 0 and GSK_SESSION_TICKET_SERVER _ENABLE is set to ON. Each session ticket generated by the server will be valid until the timeout has passed.

Because the key used for encryption must be available when the client attempts TLS V1.3 resumption, the GSK_SESSION_TICKET_SERVER_KEY _REFRESH value impacts the lifetime of a session ticket.

Valid values are 1 through 604800 seconds (seven days).

The default value is 300.

GSK_SSL_HW_DETECT_MESSAGE

Setting this environment variable to 1 causes a series of messages to be written to stderr during System SSL initialization. These messages displays the current status of the hardware cryptographic support. These messages are intended for diagnostic use only and are not translated based on the setting of the LANG environment variable.

Specify 1 to have messages written. Any other value is ignored, which is the default.

GSK_SSL_ICSF_ERROR_MESSAGE

Setting this environment variable to 1 causes a message to be written to stderr when an ICSF callable service returns an error. These messages are intended for diagnostic use only and are not translated based on the setting of the LANG environment variable.

Specify 1 to have messages written. Any other value is ignored, which is the default.

GSK_STDERR_FILE

Specifies the fully-qualified name of the file to receive standard error messages generated using SSL message services. Messages displayed from externally documented messages is written to stderr if this environment variable is not defined.

If fully qualified file not specified, the default action is to write standard errors to stderr.

GSK_STDOUT_FILE

Specifies the fully-qualified name of the file to receive standard output messages generated using SSL message services. Messages displayed from externally documented messages is written to stdout if this environment variable is not defined.

If fully qualified file not specified, the default action is to write standard output to stdout.

GSK_SUITE_B_PROFILE

Specifies the Suite B profile to be applied to TLS sessions.

A Suite B compliant TLS V1.2 client must offer only the following cipher suites when conversing with a TLS V1.2 Suite B compliant server.

128-bit security level:
  • C023 = 128-bit AES encryption with SHA-256 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.
  • C02B = 128-bit AES in Galois Counter Mode encryption with SHA-256 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.
128-bit minimum security level:
  • C02B = 128-bit AES in Galois Counter Mode encryption with SHA-256 message authentication and ephemeral ECDH key.
  • C02C = 256-bit AES in Galois Counter Mode encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.
192-bit security level:
  • C024 = 256-bit AES encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.
  • C02C = 256-bit AES in Galois Counter Mode encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.
192-bit minimum security level:
  • C02C = 256-bit AES in Galois Counter Mode encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate.

A value of OFF specifies that Suite B compliant profiles are not in use for TLS sessions. This is the default value.

A value of 128 specifies that only ciphers defined within 128-bit Suite B compliant profile can be used for a TLS session.

A value of 128MIN specifies that only AES-GCM ciphers defined within the 128-bit minimum Suite B compliant profile can be used for a TLS session.

A value of 192 specifies that only ciphers defined within 192-bit Suite B compliant profile can be used for a TLS session.

A value of 192MIN specifies that only the AES-GCM cipher defined within the 192-bit minimum Suite B compliant profile can be used for a TLS session.

A value of ALL specifies that ciphers defined within both the 128-bit and 192-bit Suite B compliant profiles can be used for a TLS session.

GSK_SYSPLEX_SIDCACHE

Specifies whether sysplex session caching is supported for this application.

A value of 0, OFF or DISABLED disables sysplex session caching while a value of 1, ON or ENABLED enables sysplex session caching. The default value is OFF.

GSK_T61_AS_LATIN1

Specifies the character set for ASN.1 TELETEXSTRING conversions. The T.61 character set is supposed to be used for strings tagged as TELETEXSTRING. The X.690 ASN.1 definition specifies the 7-bit T.61character set (ISO IR-102). However, many certificate authorities issue certificates using the 8-bit ISO8859-1 character set (ISO IR-100) instead of the 7-bit T.61 character set. This causes conversion errors when the certificate is decoded. To add to the confusion, the 8-bit T.61 character set (ISO IR-103) is also used by some implementations.

If the GSK_T61_AS_LATIN1 environment variable is set to YES or 1, the 8-bit ISO8859-1 character set is used when processing a TELETEX string. If the GSK_T61_AS_LATIN1 environment variable is set to NO or 0, the 8-bit T.61 character set is used. The default is to use the ISO8859-1 character set. The GSK_T61_AS_LATIN1 environment variable is processed during System SSL initialization and is not checked afterward. Note that selecting the incorrect character set can cause strings to be converted incorrectly.

GSK_TLS_CBC_PROTECTION_METHOD Specifies an optional SSL V3.0 or TLS V1.0 CBC IV protection method when writing application data. A value of NONE indicates that no CBC protection is enabled. This is the default.

A value of ZEROBYTEFRAGMENT indicates that zero byte record fragmenting is enabled. When this value is specified, a zero byte record fragment is sent before the application data records are sent.

A value of ONEBYTEFRAGMENT indicates that one byte record fragmenting is enabled. When this value is specified, the first record is sent in two record fragments with the first record fragment containing only one byte of application data. The rest of the application data in the first record is sent in the second record fragment. All following records are written whole.

GSK_TLS_CERT_SIG_ALG_PAIRS Specifies the list of hash and signature algorithm pair specifications that are supported by the client or server as a string consisting of one or more 4-character values in order of preference for use in digital signatures of X.509 certificates.
The certificate signature algorithm pair specifications are sent by either the client or server to the session partner to indicate which signature/hash algorithm combinations are supported for digital signatures in X.509 certificates. The GSK_TLS_CERT_SIG_ALG_PAIRS setting overrides the GSK_TLS_SIG_ALG_PAIRS setting when checking the digital signatures of the remote peer’s X.509 certificates. The certificate signature algorithm pair specification only has relevance for TLS V1.2 client or TLS V1.3 client and server sessions. See Table 6 for a list of valid 4-character certificate signature algorithm pair specifications.
There is no default value.

If not specified, the GSK_TLS_SIG_ALG_PAIRS setting is used to indicate the signature/hash algorithm combinations that are supported by digital signatures in X.509 certificates.

GSK_TLS_SIG_ALG_PAIRS

Specifies the list of hash and signature algorithm pair specifications supported by the client or server as a string consisting of one or more 4-character values in order of preference for use in digital signatures of X.509 certificates and TLS handshake messages.

The signature algorithm pair specifications are sent by either the client or server to the session partner to indicate which signature/hash algorithm combinations are supported for digital signatures in X.509 certificates and TLS handshake messages. If the GSK_TLS_CERT_SIG_ALG_PAIRS setting is specified, the GSK_TLS_SIG_ALG_PAIRS setting is only used to indicate the signature/hash algorithm combinations supported for digital signatures in TLS handshake messages.

The signature algorithm pair specification only has relevance for sessions using TLS V1.2 or higher protocols.

See Table 6 for a list of valid 4-character signature algorithm pair specifications.
The default value is:
"060106030501050304010403
0402030103030302020102030
202".

If TLS V1.3 is enabled, 080608050804 is appended to the end of the default list.

GSK_TRACE

Specifies a bit mask enabling System SSL trace options. No trace option is enabled if the bit mask is 0 and all trace options are enabled if the bit mask is 0xffff. The bit mask can be specified as a decimal (nnn), octal (0nnnn) or hexadecimal (0xhh) value.

These trace options are available:

  • 0x01 = Trace function entry
  • 0x02 = Trace function exit
  • 0x04 = Trace errors
  • 0x08 = Include informational messages
  • 0x10 = Include EBCDIC data dumps
  • 0x20 = Include ASCII data dumps

The default value is 0x00.

GSK_TRACE_FILE

Specifies the name of the trace file. The gsktrace command is used to format the trace file. The trace file is not used if the GSK_TRACE environment variable is not defined or is set to 0.

The current process identifier is included as part of the trace file name when the name contains a percent sign (%). For example, if GSK_TRACE_FILE is set to /tmp/gskssl.%.trc and the current process identifier is 247, then the trace file name is /tmp/gskssl.247.trc.

Must be set to the name of an UNIX System Services file in a directory for which the executing application has write permission.

The default trace file is /tmp/gskssl.%.trc.

GSK_V2_CIPHER_SPECS

Specifies the SSL V2 cipher specifications in order of preference as a string consisting of 1 or more 1-character values.

See Table 1 for the list of the supported ciphers.
Note: If Suite B support is enabled in the SSL environment, the SSL V2 cipher specifications are ignored.

If United States only encryption is enabled (System SSL Security Level 3 FMID or CPACF Feature 3863 is installed), the default is 34. Otherwise, the default is 4.

GSK_V2_SESSION_TIMEOUT

Specifies the session timeout value in seconds for the SSL V2 protocol.

The valid timeout values are 0 through 100, default value is 100.

GSK_V2_SIDCACHE_SIZE

Specifies the number of session identifiers that can be contained in the SSL V2 cache.

The valid cache sizes are 0 through 32000 and defaults to 256. The SSL V2 cache is disabled if 0 is specified. The session identifier cache is allocated using the requested size rounded up to a power of 2 with a minimum size of 16.

GSK_V3_CIPHER_SPECS Specifies the SSL V3 cipher specifications as a string consisting of one or more 2-character values. The SSL V3 cipher specifications are used for the SSL V3, TLS V1.0, TLS V1.1, and TLS V1.2 protocols.
Any ciphers which are not supported by the protocol being negotiated are ignored and not used. See Table 2 for the list of the supported 2-character cipher specifications for each protocol.
Note: If Suite B support is enabled, the 2-character cipher specifications are ignored.

If executing in non-FIPS mode and United States only encryption is enabled (System SSL Security Level 3 FMID or CPACF Feature 3863 is installed), the default is:

"3538392F3233"

If executing in non-FIPS mode and United States only encryption is not enabled (System SSL Security Level 3 FMID and CPACF Feature 3863 are not installed), the default is:

"" (empty string - no default)

If executing in FIPS mode, the default is:

"3538392F3233"

GSK_V3_CIPHER_SPECS_EXPANDED Specifies the SSL V3 or TLS cipher specifications in order of preference as a string consisting of one or more 4-character values. The SSL V3 cipher specifications are used for the SSL V3, TLS V1.0, TLS V1.1, TLS V1.2, and TLS V1.3 protocols.
Any ciphers which are not supported by the protocol being negotiated are ignored and not used. See Table 2 for the list of the supported 4-character cipher specifications for SSL V3, TLS V1.0, TLS V1.1, TLS V1.2, and TLS V1.3.
Note: If Suite B support is enabled, the 4-character cipher specifications are ignored.

If executing in non-FIPS mode and United States only encryption is enabled (System SSL Security Level 3 FMID or CPACF Feature 3863 is installed), the default is:

"003500380039002F00320033"

If executing in non-FIPS mode and United States only encryption is not enabled (System SSL Security Level 3 FMID and CPACF Feature 3863 are not installed), the default is:

"" (empty string – no default)

If executing in FIPS mode, the default is:

"003500380039002F00320033"

GSK_V3_SESSION_TIMEOUT Specifies the session timeout value in seconds for the SSL V3 to TLS V1.2 session identifiers and TLS V1.3 session tickets in the cache. This is the number of seconds until an SSL V3, TLS V1.0, TLS V1.1, and TLS V1.2 session identifier or TLS V1.3 session ticket expires. System SSL keeps the SSL V3, TLS V1.0, TLS V1.1, and TLS V1.2 session identifiers or TLS V1.3 session tickets for this amount of time in the cache. This reduces the amount of data exchanged during the SSL/TLS handshake when a complete initial handshake has already been performed. Session identifiers and session tickets are not kept if a value of 0 is specified. The range is 0-86400 and defaults to 86400. The timeout is disabled if 0 is specified.
GSK_V3_SIDCACHE_SIZE Specifies the size in number of entries in the SSL V3 to TLS V1.2 session identifier and TLS V1.3 session ticket cache. The oldest entry will be removed when the cache is full in order to add a new entry. Session identifiers and session tickets are not remembered if a value of 0 is specified. For the SSL V3, TLS V1.0, TLS V1.1, and TLS V1.2 protocols, the cache stores session identifiers for use on the server and client sides. For the TLS V1.3 protocol on the client side, the cache is used to store session tickets when GSK_SESSION_TICKET_CLIENT _ENABLE is set to ON. The valid cache sizes are 0 through 64000 and defaults to 512. The SSL V3 to TLS V1.2 session identifier and TLS V1.3 session ticket cache is disabled if 0 is specified. The session identifier and session ticket cache is allocated by using the requested size rounded up to a power of 2 with a minimum size of 16.
GSKV2CACHESIZE

Used to control the size limit for a V2 session cache. This variable is for use only with the deprecated API set.

The valid cache sizes are 0 through 32000 and defaults to 256.

GSKV3CACHESIZE

Used to control the size limit for a V3 session cache. This variable is for use only with the deprecated API set.

The valid cache sizes are 0 through 64000 and defaults to 512 entries.

Table 2 contains system environment variables used by SSL.
Table 2. System environment variables used by SSL
System environment variables Usage Valid values
LIBPATH Used to specify the directory to search for a DLL (Dynamic Link Library) file name. If it is not set, the working directory is searched.  
NLSPATH Specifies where the message catalogs are to be found.

The default location is /usr/lib/nls/msg/%L/%N:/usr/lib/nls/msg/ En_US.IBM-1047/%N

PATH Contains a list of directories that the system searches to find executable commands. Directories in this list are separated with colons. Searches each directory in the order specified in the list until it finds a matching executable. If you want the shell to search the working directory, put a null string in the list of directories (for example, to tell the shell to search the working directory first, start the list with a colon or semicolon).  
STEPLIB Identifies a STEPLIB variable to be used in building a process image for running an executable file. A STEPLIB is a set of private libraries used to store a new or test version of an application program, such as a new version of a runtime library. STEPLIB can be set to the values CURRENT or NONE or to a list of z/OS data set names. The default is CURRENT, which passes on the TASKLIB, STEPLIB, or JOBLIB allocations that are part of the invoker's z/OS program search order environment to the process image created for an executable file. The value NONE indicates that you do not want a STEPLIB environment for executable files. You can specify up to 255 z/OS data set names, separated by colons, as a list of data sets used to build a STEPLIB variable.